e9c8189070cb2a04c00f7e0b0629ee1c_JaffaCakes118 | Triage

Sharing

General

Target

e9c8189070cb2a04c00f7e0b0629ee1c_JaffaCakes118
Size

86KB
MD5

e9c8189070cb2a04c00f7e0b0629ee1c
SHA1

19e4dff2d71cb2f1c5916948e464ead763cf3e07
SHA256

2de8d51a019392ab82476cdc96e74a3352747207db851ab960411f8f79cc5dec
SHA512

76a4b42fa4fffe3c50274f85b1c4e97227e17f286f2a0e6fcddf5a35d67ce05d203ba2d6afd6e619e717eec875206e00b958710cc73e371d5916598171fe3f71
SSDEEP

1536:Y2WLmkRPzZjo+N74Y4+vLDtRxHXR+3005p5ZJGQud90HW3HnPusRahuZ0Nk4RBjR:v0f19dLD1B+3VlZJ0KHqnP5qH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9c8189070cb2a04c00f7e0b0629ee1c_JaffaCakes118

Files

e9c8189070cb2a04c00f7e0b0629ee1c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE